Breach of Privacy in New Jersey
Oskaloosa News reported on January 20, 2011 in “Two Men Charged In New Jersey With Hacking AT & T’s Servers” that two men were arrested for allegedly stealing email addresses and personal information belonging to 120,000 Apple iPad 3G subscribers. The men allegedly hacked AT & T’s servers. The men were in their 20s. One man appeared before United States Magistrate Judge in Fayetteville, Arkansas federal court. Another man surrendered to FBI agents in Newark, NJ and appeared before United States Magistrate Judge in Newark, NJ federal court.
Since the introduction of the iPad in January 2010, AT & T provided iPad users with Internet connectivity via AT&T’s 3G wireless network. During the registration process for subscribing to the network, a user provided an email address, billing address, and password. The hackers wrote a script termed the “iPad 3G Account Slurper” and deployed it against AT & T’s servers to attack AT & T’s servers for several days in early June 2010. The attack made iPad users vulnerable to spam marketing and malicious hacking. According to a U.S. Attorney: “Hacking is not a competitive sport, and security breaches are not a game. Companies that are hacked can suffer significant losses, and their customers made vulnerable to other crimes, privacy violations, and unwanted contact. Computer intrusion and the spread of malicious code are a threat to national security, corporate security, and personal security…”
With growing dependence on the Internet, goals to save paper to become green, and addiction to electronic devices, people who intentionally, without authorization, disrupt services on the Internet for fun or criminal gain will come under aggressive prosecution. The government is pursuing these cases to bring back consumer confidence in a reasonable expectation of personal privacy in finances, medical, and communications.
Privacy concerns in the US began voluntarily, with the US following the lead of the European Union. The Department of Commerce worked with the European Commission to develop guidance for U.S. companies to enable compliance with the requirements of the European Union (EU)’s Directive on Data Protection. On May 21, 2000, the EU member states approved the safe harbor Data Privacy Accord (Accord). The Accord is a mechanism which, through an exchange of documents, enables the EU to certify that participating US companies meet EU requirements for adequate privacy protection.
Over the years, as people began to do more transactions on the Internet, the US beefed up its own laws, rather than just complying with international laws, to protect medical and financial information. When a person gets charged with accessing a computer without authorization or fraud in connection with personal information in New Jersey, as the men in the news article, the charges may carry potential penalty of as much as five years in prison and a fine of as much as $250,000.
When charged with a crime, engage an experienced New Jersey criminal defense attorney to make the prosecution aware that a complaint is still merely accusations, and a defendant is presumed innocent unless and until proven guilty.